Saturday, April 13, 2024

Hacker Pleads Guilty For Stealing 132,000+ Users Data

Robert Purbeck, a hacker known as “Lifelock” and “Studmaster,”  hacked into the computer servers of the City of Newnan, a medical clinic in Griffin, and at least 17 other victims across the US. 

He stole the personal information of more than 132,000 individuals, pleaded guilty to federal charges of computer fraud and abuse and, breached computer systems nationwide, stole a massive amount of personal data, then extorted his victims by threatening to expose this sensitive information. 

The incident highlights the serious risk cyberattacks pose to healthcare facilities and government institutions.

Law enforcement is committed to working together to fight cybercrime and protect citizens’ personal information, read DoJ’s Press release.

The FBI’s Atlanta field office emphasizes its commitment to combating cybercrime and prioritizes apprehending cybercriminals and thwarting attacks on critical infrastructure.

Document

Free Webinar : Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.:

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

AcuRisQ, that helps you to quantify risk accurately:

According to FBI Atlanta’s Special Agent in Charge, Keri Farley, the agency relentlessly pursues these criminals and disrupts their operations, ensuring they are brought to justice.

Focusing on victim safety translates to aggressive investigations, regardless of the criminals’ location, to hold them accountable under legal statutes.

Hacked into the Computer Servers 

Robert Purbeck engaged in cybercrime by acquiring unauthorized access to computer servers on the darknet marketplace, while in June 2017, he purchased access credentials for a Griffin, Georgia, medical clinic’s server. 

Using these stolen credentials, Purbeck infiltrated the clinic’s computer systems and exfiltrated sensitive personal information belonging to over 43,000 individuals, which included names, addresses, birthdates, and Social Security numbers. 

Nearly a year later, Purbeck repeated the offense by acquiring access to the City of Newnan, Georgia, Police Department’s server in February 2018. 

After gaining unauthorized entry, he stole police reports and documents containing the personal information of more than 14,000 people.  

In an FBI investigation on August 31st, 2019, a federal search warrant was executed at Purbeck’s residence in Meridian, Idaho, and the FBI seized multiple electronic devices containing the personal information of over 132,000 individuals. 

A blank Federal Search warrant form 

The data was obtained through multiple breaches targeting entities like the City of Newnan, the Griffin Medical Clinic, and at least 17 other victims across the US.

As part of a plea agreement, Purbeck agreed to compensate the victims by over $1 million. 

A resident of Meridian, Idaho, 44-year-old Purbeck, is scheduled for sentencing on June 18, 2024, at 10:30 am for the case involving hacking computer systems belonging to the City of Newnan and a Griffin medical clinic in Georgia. 

Chief U.S. District Judge Timothy C. Batten Sr. will preside over the sentencing at the United States Courthouse in Newnan, whereas the FBI Atlanta Field Office pursued the investigation with support from the FBI Boise, Idaho Resident Agency. 

Assistant U.S. Attorneys Michael Herskowitz, Nathan Kitchens, Alex Sistla, and Nicholas Evert, along with Trial Attorney Brian Mund from the U.S. Department of Justice Computer Crime and Intellectual Property Section, are leading the prosecution of a case, with significant support from the U.S. Attorney’s Office for the District of Idaho.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Website

Latest articles

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its...

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...

Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

A LastPass employee recently became the target of an attempted fraud involving sophisticated audio...

Sisence Data Breach, CISA Urges To Reset Login Credentials

In response to a recent data breach at Sisense, a provider of data analytics...

DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

DuckDuckGo has launched Privacy Pro, a new subscription service that promises to enhance user...

Cyber Attack Surge by 28%:Education Sector at High Risk

In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average...

Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a...
Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles